Windows 10 & Secure Boot: Is Linux Really Doomed?

Back in 2011, many Linux fans were furious at the prospect that machines capable of running Windows 8 might lock them out of the ability to install Linux distributions on their own computers. The discussion was spurred by the fact that the BIOS firmware on motherboards would require UEFI compatibility for every system installed on the machine.

As a resolution, Microsoft mandated that manufacturers give users an “off switch” for UEFI Secure Boot. Fast forward to 2015, and the rage began once again when Microsoft announced that Windows 10 will not require manufacturers to include an option to turn off UEFI. What does this mean? Is Linux being phased out by design?

Understanding The UEFI Dilemma

As I’ve said above, Linux users are understandably concerned about Windows 10’s eventual prospect. Until 2015, manufacturers of BIOS chips and motherboards were required to allow users to turn off UEFI checking so that they can run Linux on their machines without any disturbance. The release of Windows 10 tells a different story, one that causes concern to many that they may not be able to install their favorite operating systems on computers that they build or pay for.

Of course, to understand this dilemma more, you have to know what the “Unified Extensible Firmware Interface” does. In short, it checks the digital signature on the operating system’s loader and drivers to make sure that some low-level malware isn’t being injected into it, damaging your hardware. In theory, UEFI could be locked down to approve only Microsoft-signed software, making it impossible to run anything not made by the company.

Can Windows 10 Run On a Pre-UEFI-Era Computer?

In the previous article I wrote on Windows 10, one thoughtful commenter asked a question: Can Windows 10 install without problems on a pre-UEFI BIOS?

The answer is “yes”. Windows 10 is able to load on both UEFI and non-UEFI systems. This gets me to the next point: If you build your own computer, the manufacturer of the motherboard has every incentive to allow you the option to install Linux, since Windows 10 will be able to run on hardware that has UEFI booting disabled. This may not be very true for manufacturers of computers that have specific partnerships with Microsoft, but we’re only able to speculate on this.

Is This The End Of Linux?

No. UEFI is a global standard that Microsoft has no ownership over. Therefore, if Linux distributions include compatibility for UEFI, they’ll be able to run without a problem in a “secure boot” environment. Technically, this means that they aren’t “locked out”, per se. Linux Mint 17 has had no problems installing with UEFI enabled, for example.

The future may look bleak, but developers will always have the incentive to make their product as compatible with as many machines as possible. That includes developers of open-source operating systems like Linux and its various distributions. As for manufacturers, it may be safe to assume that many of them will include an “off switch” for UEFI even though they are no longer forced to. There are no hurdles preventing them from doing such a thing.

66 comments

A vendor would be wise to include the ability to turn off “Secure Boot”, for a number of reasons: the main one being that be it ever so seldom, you’ll still “turn off” some customer selecting your product because of lack of flexibility and selecting another’s product because it has that capability.

Just go ahead, but for older Macs download “Bootcamp”, where the most important driver is the Cam-driver.

I run Mint Cinnamon on a MacBook Pro. It is fast, neat and even WiFi worked on first shot. Mint has full support for UEFI, and Gparted can rebuild and sign a UEFI partition, and the “Secure Boot” works fine with Mint – and has worked fine on Mint and Ubuntu since UEFI was invented. The novelty is that Microsoft may elect to only allow their signature, and that this is supported by some. That would make it impossible to install Windows on a Mac.It is Verisign that distributes the keys, and not Microsoft. What I have seen is PC where booting from a USB port has been disabled when running “SecureBoot”, and you then have to install Mint from a DVD. This is another “Secure Boot” and is not related to use of UEFI.

Yesterday, my little HP Stream 7 tablet errored out on the install of a Windows 8.1 update. The error code issued the usual link to the Microsoft Windows Help site, where I was told “unknown code” please check your entry. I then ran each of the three updates individually, and after a half dozen reboots/retries the three updates went through. Total time wasted on 800kB, just over 1 hour.

Compare this to my desktop Linux environment where a kernel update of 30 to 40 mB takes about two minutes and I NEVER have had an error or failure with any kernel, security, or other update in the four years that I’ve been a VERY HAPPY Linux user.

Windows 8.1 works great on the little Stream 7 tablet – like it was meant to be a tablet OS – if you are O.K. with wasting time dealing with Windows errors. I would even recommend the HP stream 7 for light use. On the other hand, the stability of Linux, and general lack of problems so common to Windows, means that I will likely remain a Linux desktop user for the foreseeable future. It’s a good thing that I bought two, quad core, non-UEFI desktops a couple of years ago – I’m set for the next decade or so. And, if I ever need to replace my 9 year old Linux laptop, there’s still Chrome available.

Looks like a another possible Anti-Trust move by Microsoft. I certainly hope the general public recognizes the true harm that is caused by monopolizing things that we all need to have. There is nothing that stifles progress more than preventing any possible avenues of progress, including forcing people to use a limited operating system. Here in the USA, in case anyone has forgotten, FREEDOM is the reason the USA was founded. We know that government and corporate America have indeed at least ignored that fact in lieu of their own less serving agendas.

Personally, I want the freedom to use any hardware to run any OS that suits my desire. That is a freedom that does NOT impinge on any other freedom! Heck; I DEMAND that freedom!

You have a very poor understanding of the issue. Your hatred of Microsoft is amusing. BTW, how’s using any OS you desire on Apple products working out for you? How’s even using a newer ipod/iphone to even do the most basic transfers of files to Linux working out for you?

… all fine. I use MacBooks and Linus and Android. The only problem I have is with Windows, and their non-standard tcp/ip and udp. Microsoft has still not left XNS behind them, it is IPX/SPX mixed up in a way that only Windows understand, which has never been documented. To call such a mess “freedom” is an insult to the term. Its an obstacle created to make it impossible for others to relate to what they make.

we all have a very good understanding of microsoft. when they cant compete, they use their money and false pretenses. uefi? fine, then have a neutral body sign certificates. we all know how microsoft fudged the signing process of specific linux distros. how can they “loose” files sent to them repeatedly? yes, microsoft needs removed from the process where their backroom deals and money persuade manufacturers from crippling their products. isnt it funny that to turn off secure boot you have to have windows installed? this is like ford or chrysler making backroom deals with the county or city/state to allow only their cars to drive full speed on the roads.

solution? first support those companies that arent exclusionary. buy from system76 type companies. their laptops will always run linux and do so full glory. some distros come set up and pc’s like linux mint to name one.. stop going to box stores. it just feels dirty to walk past so many cheap, cookie cutter win machines.

before buying a laptop, email the vendor and ask them about secure boot and disabling them. if you cant or if you have to jump through hoops, thell them ixsystems or zareason does the job better. dont just avoid them, let them know why-otherwise you dont exist. there is no lack of pc vendors now or post win10 that will do the job better than b.buy or blabla. afterall, ever wonder why windows skipped 9? because 8 was so bad they had to put some distance between it and 10. this is what the box stores have. seriously?

The problem is the technicality. It will be possible to lock out operating systems as long as that lock does not adhere to a standard that only Microsoft is capable of following with its own proprietary system. This condition is true. Therefore, no legal action will be possible, especially considering that Linux distributions are already working on UEFI compatibility. Some of them already have it.

But yes, this is creating friction and turbulence (much of it undue) in the computing community. I just hope we can get by this as fast as possible and continue enjoying everything we are used to enjoying, whether it’s Ubuntu, SuSe, Mint, or Windows 10 :D

Having just installed ubuntu 15.04 on an Aspire E3-112, I had lots of fun working out UEFI- however it all worked fantastic in the end- and I actually had to turn ON secure boot- and simply tell the bios where the UEFI loader was!

At the end of the day- vote with your cash. If a product comes out that you can’t use for any reason- don’t buy it- and if something totally amazing comes out- then make sure to support it- otherwise no-one knows otherwise!

Great. Yet another reason to hate Microsoft. What a bunch of scumbags…trying to compete with Monsanto and Koch inc. as the most hated entities in the US. Keep us posted as to class action lawsuits and sign me up!

Let Microsoft tie up their share of sales (albeit they are dropping) with proprietary systems contracted with any of the large computer manufacturers. Large businesses will stick with them believing they have ‘security’ as the UEFI is intended to increase. I still can purchase a bare bones system and build a better machine without all the security holes for a lot less money and end up with an efficient, screaming machine. Started doing this in the eighties and still have a couple of those machines still running. There has always been more than one way to skin a cat. Microsoft prefers brute force. Perhaps that is why they have the most security issues.

I will give them brute force: Tell me and everyone: What is the purpose of leaving every tcp/ip port “Lingering” in “TIM_WAIT” state after disconnect? I know that the answer is that you do this because the NSA pays you for it. But now that it is said, and it allows everyone to hack into not only Windows computers but every computer that hooks up with them, is it not time to stop this racket? We do this thousands of times every day, leave the door open for 10 to 30 seconds so others can walk right in. It kills the big servers that runs out of sockets and file descriptors. Those of us that know this, also know how to close the door when the socket goes cold – but the million others believe they are safe. Those that want to read more – start with Linux / MacOS (Unix BSD): man gethostbyname and see the specific of “Windows sockets”.

I HAD a Windows 8 OS to which I had ran Windows 10 on. I was going to revert back to the 8 OS and now my computer won’t recognize the OS. SO sad to say, I am now out a computer. Can’t I get Windows to replace my computer cause it’s of no use to me now?

Just so you know …I have been running Win 10 on a spare laptop since the preview became available…I am now on build 10049..I did it out of curiosity than need and was going to dump it also until this past week when they cleaned up a bunch of bugs. I also found that my original OS had been wiped out by the Win 10 install….but now I actually li,e it. Since Win 10 will be free anyway I figure I can just keep updating it and still have a very usable laptop. Wishing you the best with yours…should you decide to continue with Win 10 and its newest updates.

Daren, I know it’s a bite in the shorts, but I think fixable. I only play with my computers. No real expertise, but you need to go into your bios and disable the UEFI. Once you have done that allow for a remote boot as in cd/dvd drive or thumb drive. Load your Micro 8 or other operating system in your cd/dvd drive or thumb drive and install preferred operating system. Hope this helps. I’m sure there are others more qualified to help you if this is beyond your comfort zone.

Just reinstall Win8 Linux or whatever you want. Your computer doesn’t recognize Win8 because you replaced it with Win10 tech preview. Something they made very clear when you installed Win10. Just reinstall 8 if you want.

If free as in beer Win10 doesn’t float your boat just use free as in freedom linux. Those that suggest apple’s locked down alternative to MS as somehow noble are pretty funny.

Hater’s are gonna hate, but to suggest MS are scumbags by no longer mandating vendors do something is a bit of a stretch.

I don’t see the point of people being outraged at Microsoft, other than it’s just another occasion to blast Microsoft for no reason. Calling them “scumbags” is too harsh. I am not an advocate of Microsoft, or a big fan, but in all fairness they are not asking to block any other operating systems. Actually they are not asking for anything at all.

The UEFI is not Microsoft’s standard. They don’t control it. All they are saying is that they are no longer “demanding”, or “requiring” motherboards manufacturers to make UEFI switchable (on/off) or not. They simply now don’t care if the option is there or not. Their product doesn’t require that feature, and they have no reason to require it in order to meet OTHER operating systems requirements. That’s all there is to it.

So it is up to the motherboard’s manufacturer to keep that option or dump it. Since it is in the best interest of the board’s manufacturer to keep that option, for obvious reasons, it is unlikely that it will be dropped, and since it is a legit safety guard, other operating systems developers should get off their comfy chairs and adapt to UEFI.

Unless Microsoft has a claus in their confidential OEM contracts that will not allow an OEM to offer such an option (disabling Secure Boot that is)… I doubt this would be the case with every manufacturer, but I do expect to see it with some of the bigger manufacturers that are tightly associated with Microsoft (e.g. HP).

This is an issue that the vendors an manufacturers have to work out. I’m not a Windows user, therefore I don’t need UEFI on my machine. I will not buy va machine that will not allow me to install the OS of my choice. By doing this MS is forcing the consumers to look elsewhere for their computing needs. Companies that are offering what the consumer wants will thrive and this move by MS will only further cause the masses to turn away from them. They have consistently thumbed their noses at the home users, and the corporate world as well…eventually the world will come to realize that Windows is not the only option for building and running a network, sooner or later MS will become “second fiddle” to the Open Source community at large!

“n short, UEFI checks the digital signature on the operating system’s loader and drivers to make sure that some low-level malware isn’t being injected into it, damaging your hardware.” Does UEFI work as designed and as advertised? Does it prevent damage to the hardware? If the answer is “YES” than we’d better get used to it. If the answer is “NO” than it is a worthless piece of garbage that Microsoft foisted on the manufacturers and users and we should all vote with our wallets.

Its a “digital signature” provided by Verisign – and not Microsoft. But it is one that the manufacturer of BIOS can use to only allow Microsoft made software to boot. So far, the rule is that the “signature” has to be correct. Malware can just give the Microsoft signature to its malware, a signature that is public and anyone can use – and infect as before. It will not crop up with the fancy name of the creator, but there is no enhanced security what so ever, except that it requires those that make malware use tools that can insert the MS signature. The problem comes when Ubuntu comes with the signature to Canonical – which is not Microsoft, and BIOS is made to accept only Microsoft´s signature. That day can come.

The Win 10 preview was released as: “A preview for PC experts” with the expectation that it may not be perfect and may not allow simple rollback. Some of MS’s warnings “Unexpected PC crashes could damage or even delete your files, so you should back up everything.”

They also offered the advise to run Win 10 in a VM if you weren’t comfortable with the idea of losing everything on the device. They are not responsible for your actions. you were warned that the preview could damage the system as it is not finished software.

BOYCOTT MICROSOFT AND ALL MANUFACTURERS WHO DO THIS . We must do all we can to hit Microsoft and the manufacturers who implement this AS HARD AS POSSIBLE. Short of massive sabotage we must try to exclude all and any manufacturer which implements this from all and any bids, scientific activity or commercial endevour.

If it isn’t finished software, then how the hell can they release it and not be responsible for the damages caused? I don’t like VM’s, never have, never will so my point is, that I should be reimbursed for the unfinished software that crashed my hardware!

Before you install something like that its good practice to do a full backup, what you put on your machine is your responsibility. Personally hated Win 8, too many adds, confused desktop with no bloody control over what it was going to do next. Win 8.1 much better but it can’t decide whether it wants to be a desktop or tablet OS. but it does run old games like Strumavik IL2 well. Mostly use Zorin Linux, blows the hell out of Windows for speed stability and usability. Only started to use Windows again when it came with my new laptop, i5 processor, hate to think what it would be like on anything slower. Dam close to replacing Win8 on it with Linux Zorin before it got the auto upgrade to 8.1. Will stick around for 10 but Linux rules on my other machines.

What am I missing? Microsoft isn’t requiring motherboard manufacturers to block other OS’s. If I read this correctly, they are simply not *requiring* manufacturers to be compatible with other OS’s, and it’s up to the mobo mfgr to include or not a non-UEFI mode. If this is true, how is this as evil as 90% of the commenters imply is the case? Seriously, what am I missing?

For that matter, why should it be Microsoft’s obligation to force hardware manufacturers make their systems compatible with an OS over which Microsoft have no control? How does this help Microsoft’s *customers*?

Also, aside from blocking an OS that isn’t UEFI compliant, is there something inherently bad about UEFI? Why shouldn’t this be part of Linux?

And finally, a question to the guy who hates virtual machines — why? I love a sandbox where I can run a virus to see what it does, with no concerns about what it will do to my host system. And I love a place to test new software before committing to it on a primary system. How could you not love the safety that a virtual environment provides for testing?

Problem is that you must use a firmware that is recognised by the mobo as a safe operating system. This means that each linux distro maintainer has to contact every manufacturer, prove that his software is trustful, and provide a firmware key. That’s too expensive and time consuming. So, big distro maintainers right now are renting a key from Microsoft, to avoid all that work. But it also means that developing a brand new distro could be impossible if the team lack the resources. Many linux distros have started small and then developed when their fans grew. You could, theoretically, fork any previous distro, but that way, something like Arch or Gentoo would never have happened.

If you are a software developer you may want to tweak your operating system, if you know what you are doing. With UEFI Secure Boot enabled you can’t. So, unless you want to use a closed system, to ensure your children, or some malware, don’t mess with it, Secure Boot just limits you.

Some vendors will prefer to give choices, to get a wider target. Some other may be tempted to offer a closed system that will work only with a proven stable operating system, so you trust that buying that brand means your machine will not fail (by forbidding you to use risky os). I may buy something like that for my grandparents. But then, we will start seeing laptops where you cannot install any os you may want.

Thanks Abraham. I now understand why it’s not all that simple for a distro to be UEFI-compliant, but I’m still having a hard time understanding all the hating on MS in these comments. It still seems they are acting in a way they believe is most beneficial and most secure for their customers, and their “crime” is to no longer *requiring* mobo mfgrs to support competitive operating systems. Seems like the Dells and HPs of the world might leave the switch out, while Asus and their brethren (the ones who already directly support overclocking) will include the switch.

Am I seeing this wrong, or does UEFI provide a more secure environment for people who are running Windows and have no interest in switching to a different OS?

UEFI provides no additional security, except that it forces the distributors of Windows malware to sign their code with the signature provided by Verisign to Microsoft, and is contained in every Windows binary. On the Linux distro side, it is simpler than explained, Canonical has worked with Verisign and use their signature on all Ubuntu distributions and related distributions such as Mint. It is easy also to get your own “signature” – Gparted in Ubuntu can do that for you, and then should anyone steal your disk, no other computer should be able to use it – it is signed by you for your use only. But Microsoft can ask a manufacturer now to only allow their signature, and that would make it impossible to install anything but Microsoft signed OS. But of course, it will not stop Microsoft signed malware in any way or form. That will continue to be distributed.

These are full computers we’re talking about, not little phones or embedded devices. We should be able to run any operating system we please. After all, we’re paying upwards to $1000 on these machines (sometimes more). Making a lock-out system on a computer so the user can only run one operating system is like telling someone they can only eat hot dogs for the rest of their life.

Seriously don’t get why people are blaming Apple for this. Macs use a custom EFI implementation, but have BIOS compatibility to be able to install Windows – which they actually endorse and provide official drivers for – and as such would also let you install Linux or other operating system.

I want to be able to boot whatever is possible and I don´t like restrictions whatever reasons they give. I think I there are enough boot problems without adding new ones. MS also restricted small laptops to 2 gb when 4 was possible. Please give me a possibility to disable safe boot so I have a choice.

I imagine that at least some of the “key” OEMs will have a claus in their confidential contracts – which are not available to the general public (unless they are leaked, anyway) – prohibiting an option to disable Secure Boot… It wouldn’t be the first time Microsoft has utilized such tactics…

In saying that, any major manufacturer that does NOT provide an option to disable Secure Boot is only going to deter sales and drive their profits to other companies that are “Linux-friendly”, such as System76, Entroware, ZaReason and Clevo distributors, thus hurting their own profits.

I for one will never purchase a laptop (or a desktop for that matter) that forces me to use a particular operating system (even a Linux-based one…) – it’s my computer and therefore I should have a choice in how I use it, period… An opinion that much of the Linux Community and even some of the Microsoft Community shares.

Can I upgrade to windows 10 from windows 8 on any motherboard, as my mitherboard was burnt i was thinking of buying new one, if i cant get windows 10 on my new board, it would be waste, should i wait till windows 10 ready board or can use windows 8 board and upgrade later? Please suggest me fast as my computer is not working, it needs to be fixed and i am a gamer, i need to play!…..,?

Windows will probably continue to remain the desktop of choice for “desktop” computers, and possibly laptops. However, outside of work, increasingly the Internet access point in the Android or iPhone.

At home, Apple is making inroads, but there are so many vendors selling Windows PCs, and it’s what everyone knows, that it has a huge lead. It’s hard to make predictions, particularly about the future, but it does seem people like their iPhones and iPads, and want their macbook or iMac.

There are some specific apps, like genealogy apps, which right now just run better on Windows. Gramps is a cantankerous old biddy compared to the big two companies.

Microsoft is loosing territory and bleeding fast. They lost the mobile market, that is more than 2/3 of the Internet now. They lost the tablet / iPad – and have one turf left: the desktop. Linux is on way ahead of Apple, – Android is Linux. And MacOS is Unix BSD with the Mach kernel – so more or less the same thing. The moment those that develop software see where the money is, they will change platform and leave Microsoft in the dust, and Nagella knows this. So, now they put in place a mechanism that seems safe, allows freedom of choice – but provides a way to lock your hardware to Microsoft. So if you want to interface your laptop to your TV set that runs Android, they have a way to make certain that you cannot do it. If you want your router to be seen as part of your laptop – they have a way to stop that. They may not use it, but they can. Manufacturers of BIOS can make their chips so that you have to use Microsoft – not by orders from Microsoft, but they can for no other reason but make a mistake. The argument is that this increase security in some way, and I fail to see that, also malware can sign with Microsoft´s signature: It is just to copy it. That you are not allowed to do it has never stopped hackers nor Microsoft. As long as it can be done, someone will do it – and usually it will have some other effect that nobody had expected.

‘Is Linux really doomed?’ – God I hope so. I’m so sick to death of Linux fanboys trolling every blog comment section. It’s a nightmare of an operating system, where nothing works without you having to Google twenty different sites – all of which display the wrong information and steps – and waste several hours of your life trying to install a driver.

No doubt I’ll get flamed for this, but come on, admit it, Linux just doesn’t work for the modern computer and world. It was great ten years ago, a novelty even. But today, on a decent PC… Not a chance.

Much to their content, Linux users will still have a platform. Linux isn’t doomed. That was the whole point. The standards that manufacturers will include in their hardware are replicable on any operating system and open to the public.

However, I don’t see why we should be happy if Linux was ever doomed. It’s still a great fallback in case Windows pulls its plug. Linux has come forward as an OS over many years. I have no doubt that developers will continue to pick up the slack as they’ve done magnificently a few years back.

It sounds as if your last experience with Linux was several updates ago, and you hated it because it wasn’t the Windows that you’re used to. Now if you were used to Linux and looked at Windows, I think you would probably say the same thing. It’s not a usability issue; it’s a familiarity issue. I’ve used both for years, bouncing from one to the other as my primary OS and having several virtual machines with various things on them, so as a knowledgeable user of both, I see no difference in usability. Of course the the details are different, sometimes very much so, because they’re developed by different teams; but now that Windows’ security is no longer an oxymoron, they’re both well qualified candidates for an only OS.

Download the latest version of UbuntuStudio (closer to Windows-like UI than the regular Ubuntu), toss it in a virtual machine, and use it like you grew up with the internet but not with computers. See what you think.

John you assert that “linux fanboys” troll blogs and comment sections and your plan then was to troll a comment section on an article about concerns in the Linux community. That that makes no sense if you truly do not like trolling then why do it yourself.

Also a sidebar but using the term “fanboy” makes you sound very juvenile

if the requirement yielded a noticeable benefit to it’s users and had a way to improve compatibility with competing platforms(i.e. provide code to make the system at least runable), then it would be fine. but requiring that manufacturers effectively lock out all but one company from running software on a general purpose machine sound absurd.

Users need not to forget, Even with UEFI imposed….. Necessity is the mother of all invention. THe proof is some of the Lunix version do work fine with UEFI “ON”

Microsoft missed the point a long time ago with Win 8 and 8.1, but they rather continu their way.

If they really really believed in the windows interface; Instead of rewriting the OS they had the chance of adapting the MS windows inteface to work on all the Linux Platform available.

And see Microsoft apps and software compete with others and see how well they fair against others.

Personnaly, outside Linux and OSX, the only other OS that was killed too soon but had the upper hand over Windows a long time ago was IBM OS/2. Oh ok they are others OS that are unix base who are amazing also.

But To me the only other corporation that can hold in check Microsoft if they ever decide one day to start working on a consumer/business OS to outclass Windows is IBM.

I remember in DOS time, Out of three DOS maker, IBM had the most stable OS over Microsoft and Digital Research had the the most pratical version of DOS.

Remember that Microsoft never really had the palm for the best OS. I’ve seen many that were far more better over time, like IBM DOS & OS/2, Amiga OS, DR DOS, Mac OS, OS/X, AIX, Linux (All flavor), etc.

And if motherboard manufacturer want to sell boards, well they will make sure that even a new born company can create an OS. the new OS will work on those motherboard, or maybe a new motherboard builder will raise up and build motherboards with a new standard in Bios that will blast to the past the current UEFI standard that Microsoft want to impose.

The problem is not UEFI. The problem is removing the option to disable Secure Boot. Without that option linux distros or recovery disks that can boot on a UEFI computer would not be able to without the proper key. Forget about booting a Hirens disk or even a Windows 7 PE disk. That is just wrong and a big thumbs down for Microsoft on allowing OEM’s to not have an option to disable it. I would build my own computer with a motherboard I know I can turn off Secure Boot before I would purchase a locked out system.

People should not forget: The certification requirement to be able to disable Secure Boot and/or upload custom keys applied *only* to the x86 architecture.

ARM architecture devices were specifically required to *not* have a way to disable it or change keys. And Microsoft elected *not* to offer a bootloader signing service for ARM. Which means that the ARM based versions of the “surface” line let you run Windows or nothing.

It will not surprise me in the slightest if they attempt to slip similar requirements into the x86 line at some point in the future when they think nobody’s paying attention anymore. Give a few more false starts so that people get used to dismissing the outcry as overblown, and then simply put it in, but with a signing service, and then start charging $10K for a signature and change it every 6 months. Presto! Open source systems relegated to the people serious enough to be willing to buy machines built specifically for it. Everybody else will buy what’s cheap and then be stuck with it. And, thanks to the DMCA, swapping or reprogramming the ROM chip to get around it will be illegal. :)

That would be my long-range plan if I worked for MS. If they can get it in while there are still people who think that “PC” means “Windows” they should be able to keep everyone in that mindset for a long time.

I’ve used Linux since 2004. It’s fun! I recently tried using Windows 7 and 8, and it was a horror show. If people knew just how easy and automated things can be in Linux, and how fast, they would drop Microshit in a heart beat.

File transfers EXT3 vs NTFS are 25% faster,, and you don’t have problems with too long paths, too long file names, file locked/in use (when its not) an so forth.

Automated software install, no software licence, no bloatware or trojans or whatevers installed, no need to find that installation key, or find out the one on your disk is invalid.

Linux actually will do whatever you ask it to, and not just whaat Microsoft executives have figured out that you should be able to do.

M’soft clearly abuse their position. Trying to dictate manufacturers what they should implement should be illegal in itself. Can’t wait to see the end of those M$ b……s. They definitely should be sued for anticompetitive practices. Companies with obvious vested interests should have no saying in shaping features affecting rival OSes.

Why is UEFI an issue at all ? It preventie that software that does not use the correct signature runs on a PC, but it doesn’t says that you cannot install this signature yourself with your OS of choice.

Microsoft has no gain in blocking users from putting whatever they want on their computers, and less so th hardware manufacturers. Does anybody seriously think they would purposely close themselves off the market of servers build on consumer-level hardware? And what about gamers using STEAM OS?